<?php
	/*
		DreamCMS Version 1.0
		Developed by: Andrei Mikalov (Zeus)
		
		Thanks to Adam Davis
	*/
	include("models/config.php");
	$pagename= "Change Password"
?>

<?php



	/* 
		Below is a very simple example of how to process a login request.
		Some simple validation (ideally more is needed).
	*/

//Forms posted
if(!empty($_POST))
{
		$errors = array();
		$password = $_POST["password"];
		$password_new = $_POST["passwordc"];
		$password_confirm = $_POST["passwordcheck"];
	
		//Perform some validation
		//Feel free to edit / change as required
		
		if(trim($password) == "")
		{
			$errors[] = lang("ACCOUNT_SPECIFY_PASSWORD");
		}
		else if(trim($password_new) == "")
		{
			$errors[] = lang("ACCOUNT_SPECIFY_NEW_PASSWORD");
		}
		else if(minMaxRange(8,50,$password_new))
		{	
			$errors[] = lang("ACCOUNT_NEW_PASSWORD_LENGTH",array(8,50));
		}
		else if($password_new != $password_confirm)
		{
			$errors[] = lang("ACCOUNT_PASS_MISMATCH");
		}
		
		//End data validation
		if(count($errors) == 0)
		{
			//Confirm the hash's match before updating a users password
			$entered_pass = generateHash($password,$loggedInUser->hash_pw);
			
			//Also prevent updating if someone attempts to update with the same password
			$entered_pass_new = generateHash($password_new,$loggedInUser->hash_pw);
		
			if($entered_pass != $loggedInUser->hash_pw)
			{
				//No match
				$errors[] = lang("ACCOUNT_PASSWORD_INVALID");
			}
			else if($entered_pass_new == $loggedInUser->hash_pw)
			{
				//Don't update, this fool is trying to update with the same password ¬¬
				$errors[] = lang("NOTHING_TO_UPDATE");
			}
			else
			{
				//This function will create the new hash and update the hash_pw property.
				$loggedInUser->updatePassword($password_new);
			}
		}
	}
?>
<?php include("layout_inc/header.php"); ?>
<div id="content_main">
           <h3>Change Password</h3>
            <p>
           <?php
            if(!empty($_POST))
            {
				if(count($errors) > 0)
				{
            ?>
            <div id="errors">
            <?php errorBlock($errors); ?>
            </div>     
            <?php } else { ?> 
            <div id="success">
               <p><?php echo lang("ACCOUNT_DETAILS_UPDATED"); ?></p>
            </div>
        <?php } }?>

		

    	<div id="regbox">
            <form name="changePass" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
            
                <p>
                    <label>Current Password:</label>
                    <input type="password" name="password" />
                </p>
                
                <p>
                    <label>New Pass:</label>
                    <input type="password" name="passwordc" />
                </p>
                
                <p>
                    <label>Confirm Pass:</label>
                    <input type="password" name="passwordcheck" />
                </p>
                
        		<p>
                    <label>&nbsp;</label>
                    <input type="submit" value="Update Password" class="submit" />
               </p>
                    
            </form>
            </p>
                
            
        </div>
    
    <div id="nav_main">
        <h4>Navigation</h4>
        <ul>
          <?php include("layout_inc/right-nav.php"); ?>
        </ul>
    </div>
    
    
</div>

<div id="footer">
<div id="copyright"></div>
Powered by DreamCMS Version 1 <br />
Copyright &copy Andrei Mikalov & Adam Davis <br />
Thanks to Zymic.com for the template.
        <ul id="nav_footer">
        
        </ul>

</body>
</html>
